Recently I have had the oppertunity to fix a cross-site-scripting problem. The problem is: a lot of JSON objects are being sent over the wire and the data is not being html escaped. This means that anyone who would put html data IN would get it out and make any user vulnerable for XSS attacks. [...]
Posts Tagged ‘maven’
Prevent cross-site scripting when using JSON objects using ESAPI and Jackson framework 1.7.x
Posted: February 16, 2011 in Cross-site Scripting, programming, Security, Spring, Web DevelopmentTags: esapi, java, json, maven, ObjectMapper, security, spring, spring-mvc, xss
6
Don’t forget your resources directory! (Maven/Eclipse/Sysdeo-tomcat)
Posted: December 10, 2009 in programming, Web DevelopmentTags: apache, eclipse, maven, tomcat, xmlrpc
Recently I had to set up a XMLRPC Server. Using Apache’s XMLRPC it should not be that hard to set up. It wasn’t. But it did not work the first time. The XMLRPC Serlvet would not be initialized properly because it could not find the XmlRpcServlet.properties file. I was a bit suprised, because I had [...]
